This Recall thing is a prime example of how bad we are at understanding when something is a systemic problem.
It doesn't matter if *you* disable it. It doesn't matter if *you* install Linux. It doesn't matter if *you* set your computer on fire and move to a Luddite commune.
If you have *ever* sent sensitive data, no matter how securely, to another person who now has this shit enabled, and they find your data and look at it, your data is compromised, and there's nothing you can do about it.
I don't know if I believe the theories that Microsoft is being pressured to introduce this by state actors who want to be able to spy on us.
But it would be darkly funny if, after all our paranoia about secret back doors, The Man just rolled up with a bulldozer in broad daylight to install a *front* door, complete with a neon sign and a welcome mat.
@confluency It's only paranoia if the suspicions are unjustified.
And facts show that they weren't. They aren't.
@confluency I doubt they are being pressured into it (I know product managers that would be capable of introducing something this stupid).
But I can guarantee that the border control and other state actors are popping Champagne.
@simontoth Yeah, personally I suspect that this is organic stupidity from managers high on their own AI assistant hype fumes.
But the only way to fix something like this is with legislation, and I worry that governments won't try very hard to legislate against something that's so... convenient.
@confluency @simontoth That’s where lawsuits come in. Big enough corporation pointing at this and saying that it completely destroys their ability to work with sensitive information? That’ll be in court soon enough.
Whether or not it’s before most of the little guys get their info leaked is the real question.
@confluency @simontoth As in, "never attribute to malice that which can be adequately explained by incompetence?" (Or something like that.)
Not sure I buy that.
@confluency @simontoth I hope they realise the risk to themselves, if nothing else.
@simontoth @confluency Microsoft is getting pressured by Saudi Arabia and the petro oil states to include "AI" / Recall, because 1. Saudi Arabia has too much money (from selling fossil fuels) and 2. because Saudi Arabia wants to have surveillance over their citizens/journalists. The vice president at Microsoft over AI has connections to the government of Saudi Arabia.
@confluency Then what represents the Vogon fleet? Or Ford Prefect?
@confluency That's just what The Man does. Anyone who was paying attention to the fate of RIM and the effective encryption briefly available via Blackberry devices will remember the bulldozer.
Problems with collectively derived power can't have individual answers.
@confluency@hachyderm.io I have a theory that it's a social engineering security breach. Some people at Microsoft got together and wondered if they could actually get an absurdly insecure concept through all the processes and into product, without it being flagged and stopped, just to see if it was possible to manipulate the right people and systems.
The Big Five, including Microsoft, received a huge influx of investment dollars from the Saudis, starting in 2018.
https://english.alarabiya.net/business/technology/2018/03/31/Saudi-Crown-Prince-meets-with-Microsoft-President-Satya-Nadella
https://www.newarab.com/news/saudi-arabia-set-mammoth-40-billion-ai-fund
If you were a murderous despot, which product development would you "encourage"?
Surveillance tech.
https://www.businessinsider.com/microsoft-google-hand-dissident-data-to-saudi-arabia-activists-say-2023-7
https://popular.info/p/truth-without-consequences
https://www.axios.com/2020/01/23/jeff-bezos-phone-back-mbs-saudi-arabia-amazon
LLMs and AI are surveillance technology development first and foremost.
@alastair @confluency “Don’t worry, I was just PRETENDING to obliterate modern security as we know it!”
“Don’t care, it still ships tomorrow.”
@WhiteCatTamer @alastair @confluency who needs quantum computing to be able to hack non-quantum encryption? Just take pictures like you're banned from doing physically in any modern workplace.
@alastair @confluency @_L1vY_
Pretty sure that’s a conspiracy theory…
Meaning it’s highly unlikely. *shrug*
I think they were just thinking how they could wow folks because they have invested a fckton of money. So invest a shit ton of money, make it sparkle, we can worry about security later, right?
Our society is one of privilege, merit based, and capitalist based.
In other words basically a mob of people all playing the largest game of musical chairs on earth. Tit for tat, just my POV.
@EVDHmn@ecoevo.social @confluency@hachyderm.io @_L1vY_@mstdn.social I do think the concept is useful but I think it would require a much more sophisticated implementation and that would take a lot longer to deliver. Before the Copilot+ announcement I was anticipating that there'd be some kind of API for apps to hook into the AI Explorer and share certain specific details.
@confluency to me this appears a bit more indirectly, to normalize surveillance and let people feel it to be a helpful thing
@crazy_pony @confluency I mean, personally this would be MEGA helpful, not only for troubleshooting, but also just figuring out why / how I was doing something later, given ADHD, long covid, depression, etc.
But it's not worth the risk to everyone else's privacy and sanity. (Even if I used it perfectly, it would still exist and could be copied for someone else to use too.)
@confluency this is why I never get down with conspiracy theories. They don't hide anything, they just do it.
@confluency we try hard to avoid fear-driven reasoning and focusing too hard on unanswerable questions
with totalitarian surveillance stuff like this, it barely matters if there's human intent to make it worse. every major power structure's incentives are to make it worse, so in the absence of pushback, that's what happens.
@confluency I hadn't thought of that. Thanks for the warning!
@confluency
Hopefully this makes people think of #Windows as a pandemic biohazard. Quarantine those exposed or infected. It's the only choice if you are not yet infected yourself.
@itgrrl
@hobs @confluency @itgrrl The problem is the stuff I really want protected -- such as gov't records, medical records, and bank stuff -- is entirely on Windows no matter what I personally do
@sidereal @hobs @confluency @itgrrl compared to being in Capita hands, windows recall is dead safe!
@Thebratdragon @sidereal @hobs @confluency @itgrrl omfg. Capita and Atos need to have years of mandatory training to learn empathy and then never have ANY control over vulnerable people ever again. Lifetime ban if they ever worked as DWP contractors. Yes, even the 'good' ones.
Little side note
The Luddites were not against technology in general, "many were willing to adapt to the mechanization of the textile industry as long as they shared in the profits. However, they watched as the productivity gains from technology enriched the capitalists, not the workers."
https://www.history.com/news/industrial-revolution-luddites-workers
This actually is directly applicable to the #Recall disaster. Nobody would reject a good local search, as long as you (and others) remain in control of their data.
@confluency This is why we must curate our friends wisely and refuse to talk about anything sensitive or personal with people who still use Windows and refuse to listen
@confluency In this light I suppose Microsoft run Linux on their systems
@confluency@hachyderm.io It's bad but I think there is a significant sense to which all of this isn't new. It's already possible to document everything someone does on a computer and it's reasonable to think many of the worst abusers and actors will have already figured this out. To some extent that's the 'analogue hole', the unfixable problem of once the information is on the screen or coming out of the speakers. I wanted to understand Recall better and I set up automatic screenshotting on PC within ten minutes, and only a tray icon was visible (and easily hideable from a novice user).
So it's making a problem probably significantly worse. But it's not quite a paradigm shift, and it's worth remembering that all of those risks still exist to a lesser degree even without Windows or Recall. I would already consider my data compromised in the binary sense at that point, even though Recall is an additional vector.
Even without Recall or screenshots and with no additional software, my computer is logging all the web sites I visit, I can look up the applications I have open etc. I think though a secondary problem is not Recall itself but that they've made lots of people think about how to extract history from a computer who might just not have thought about it.
@alastair @confluency You’ve missed the storing of passwords IN PLAIN TEXT thing by Recall
@TomDB@mastodon-belgium.be @confluency@hachyderm.io I'm aware of that but my point is for example that it's already possible to do what Recall is doing, including caching text from screenshots. So I think it's important not to lose sight of the fact that this is not a totally new thing, and it may not be quite as transformative as some people fear (which if true probably also means the world was shittier to begin with).
@alastair@social.alastair87.me The problem though is that Recall isn't as secure as Microsoft make it out to be and people have already researched various stuff that could happen, that bad actors can collect from a user that has Recall enabled. Doesn't matter if Microsoft didn't come up with the concept first and there are other variations of it, it's still concerning how easy it is to access or at least have amount of vulnerability.
I recommend checking The Linux Experince's video briefly talking about the exploit which will at least give you the idea why people are that paranoid about it.
@TomDB@mastodon-belgium.be @confluency@hachyderm.io
@TomDB@mastodon-belgium.be @confluency@hachyderm.io To be fair I'm not the person to ask about what Recall potentially enables because I'm sufficiently expert in extracting and manipulating information to do it myself (as are probably a lot of people in techie circles). It's the advertising of the vulnerability and the fact that it's now easier (setting aside the completely incompetent technical implementation).
Excellent point
@confluency This is on my mind a lot as a non-user of Gmail. As you know, this does very little to keep my email private from Google.
@confluency@hachyderm.io
Even better is if you sent something encrypted but the recipient views it, (having bothered to encrypt it for data-in-transit and/or data-at-rest reasons) ends up meaning bupkis.
@confluency it's like COVID: you can do all the prevention you want, but if others go around spreading it, you're caught in it one way or another
Been thinking about how my credit union uses Windows, and my 401K people, and my doctors who have already leaked my data 50 times, and and and...
@confluency Just for the record, I think most people wouldn't have any trouble at all understanding why this is terrible, even at the systemic level, once they understand how it works. The problem is that "we" have trouble accepting that the people in charge could possibly be so stupid or so evil.
See also:
https://hachyderm.io/@Voline@kolektiva.social/112561841976258365
@confluency this is true for emails and chat messages too.
Who has access to the messages at rest?
@confluency Thanks a lot for making this information clear. Sensitive data has to remain private! This is essential! #recall #safety
@confluency Systemic problems often lead to huge shifts.
So perhaps a huger shift to Linux will happen? Most of the time security is kinda abstract to people, but "Microsoft is screenshotting every porn you watch" might be much easier to grasp.
@chrastecky I would like to believe that, but I'm not optimistic. There's a stark difference in opinion about this between the computer-touching part of Fedi ("Look, Linux is actually very simple; here are six paragraphs explaining why you should use my favourite distro, and what might go wrong if you do, but if you just *listen*...") and the other part, which really really doesn't want to hear it.
@chrastecky I don't want to come across as condescending -- I don't think any of those people are stupid or lazy or incapable of learning. But switching isn't "free", and requires time and effort which most people do not have available.
While I hope that for at least some people this will be the final push that leads them to try out other options, that can't be the only plan, because I'm 100% confident that most people *absolutely will not do it*, and hoping that they will is magical thinking.
@confluency You don't need most, you need some critical mass.
Let's say it's 15% (just made it up, but sounds like a good number), once Linux reaches that much on desktop, it's a major player that needs to be counted with.
All the Linux issues that come down to hardware vendors will start to disappear and even more people will come over simply because Linux will simply be better for (almost) every use-case imaginable.
@confluency Recall won't probably reach this critical mass on its own, but it's a start.
Or maybe I'm wrong, but I still love watching Microsoft dig their own grave, albeit very slowly.
@chrastecky I would honestly love to believe this, but I don't.
Here's hoping it's as many people as possible, though. This is a golden opportunity for the big distros to target the Linux-curious -- but it's going to be a hard sell. Step zero is to convince people to install something *at all* instead of just using the thing that came pre-installed on their computer. For some people that is already too risky, unless they have a friend to help them.
@confluency Who today doesn't have a tech friend? But I do see your point, I'm not holding my breath, I'm just cautiously optimistic.
@chrastecky More importantly, the odds of the large institutions that already have a lot of our sensitive data abruptly switching en masse over this is basically nil. They have the manoeuvrability of megatankers. I guess the more serious ones will come up with internal policies for disabling the feature -- good luck making sure that there are no leaks in the system. In less serious organisations with poor enforcement, I fully expect employees to turn it back on, copy work to home laptops, etc.
@confluency And of course “sent sensitive data” includes having gotten blood drawn at a routine physical which leads to your doctor’s office having a whole screenshottable list of test results about your blood sugar, cholesterol, etc. You don’t even have to use the internet to have your privacy compromised.